Most Linux distributions have a significant focus on security. This does not mean they are necessarily ready for production out of the box. Tools like SELinux, excellent firewall options, and robust access controls can make Linux exceptionally secure.
Despite this, actually deploying a Linux system into production still requires that the systems administrator have some idea what they are doing.

Let's use my favourite distribution, CentOS, as an example. (CentOS is a near-identical repackaging of Red Hat Enterprise Linux.) By default, SELinux is turned on. In most situations, this is a great thing; SELinux provides a layer of sandboxing so that applications of a certain class can't impinge upon files belonging to applications or users of another class.